<?xml version="1.0" encoding="iso-8859-1" standalone="no"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
  <head>
    <meta http-equiv="Content-Type" content=
    "application/xhtml+xml; charset=iso-8859-1" />
    <title>
      Unbound-1.9.6
    </title>
    <link rel="stylesheet" type="text/css" href="../stylesheets/lfs.css" />
    <meta name="generator" content="DocBook XSL Stylesheets V1.79.1" />
    <link rel="stylesheet" href="../stylesheets/lfs-print.css" type=
    "text/css" media="print" />
  </head>
  <body class="blfs" id="blfs-9.1">
    <div class="navheader">
      <h4>
        Beyond Linux<sup>�</sup> From Scratch <span class="phrase">(System
        V</span> Edition) - Version 9.1
      </h4>
      <h3>
        Chapter&nbsp;23.&nbsp;Other Server Software
      </h3>
      <ul>
        <li class="prev">
          <a accesskey="p" href="openldap.html" title=
          "OpenLDAP-2.4.49">Prev</a>
          <p>
            OpenLDAP-2.4.49
          </p>
        </li>
        <li class="next">
          <a accesskey="n" href="../x/x.html" title=
          "X + Window and Display Managers">Next</a>
          <p>
            X + Window and Display Managers
          </p>
        </li>
        <li class="up">
          <a accesskey="u" href="other.html" title=
          "Chapter&nbsp;23.&nbsp;Other Server Software">Up</a>
        </li>
        <li class="home">
          <a accesskey="h" href="../index.html" title=
          "Beyond Linux� From Scratch     (System V Edition) - Version 9.1">Home</a>
        </li>
      </ul>
    </div>
    <div class="sect1" lang="en" xml:lang="en">
      <h1 class="sect1">
        <a id="unbound" name="unbound"></a>Unbound-1.9.6
      </h1>
      <div class="package" lang="en" xml:lang="en">
        <h2 class="sect2">
          Introduction to Unbound
        </h2>
        <p>
          <span class="application">Unbound</span> is a validating,
          recursive, and caching DNS resolver. It is designed as a set of
          modular components that incorporate modern features, such as
          enhanced security (DNSSEC) validation, Internet Protocol Version 6
          (IPv6), and a client resolver library API as an integral part of
          the architecture.
        </p>
        <p>
          This package is known to build and work properly using an LFS-9.1
          platform.
        </p>
        <h3>
          Package Information
        </h3>
        <div class="itemizedlist">
          <ul class="compact">
            <li class="listitem">
              <p>
                Download (HTTP): <a class="ulink" href=
                "http://www.unbound.net/downloads/unbound-1.9.6.tar.gz">http://www.unbound.net/downloads/unbound-1.9.6.tar.gz</a>
              </p>
            </li>
            <li class="listitem">
              <p>
                Download MD5 sum: e6423d68e293ffec953477ef1adbbfb7
              </p>
            </li>
            <li class="listitem">
              <p>
                Download size: 5.4 MB
              </p>
            </li>
            <li class="listitem">
              <p>
                Estimated disk space required: 52 MB (with docs; add 9 MB for
                tests)
              </p>
            </li>
            <li class="listitem">
              <p>
                Estimated build time: 0.4 SBU (Using parallelism=4; with
                docs; add 0.3 SBU for tests)
              </p>
            </li>
          </ul>
        </div>
        <h3>
          Unbound Dependencies
        </h3>
        <h4>
          Optional
        </h4>
        <p class="optional">
          <a class="xref" href="../basicnet/libevent.html" title=
          "libevent-2.1.11">libevent-2.1.11</a>, <a class="xref" href=
          "../postlfs/nettle.html" title="Nettle-3.5.1">Nettle-3.5.1</a>,
          <a class="xref" href="../general/python2.html" title=
          "Python-2.7.17">Python-2.7.17</a>, <a class="xref" href=
          "../general/swig.html" title="SWIG-4.0.1">SWIG-4.0.1</a> (for
          Python bindings), <a class="xref" href="../general/doxygen.html"
          title="Doxygen-1.8.17">Doxygen-1.8.17</a> (for html documentation),
          <a class="ulink" href="http://dnstap.info/">dnstap</a>, and
          <a class="ulink" href=
          "https://pypi.python.org/pypi/Sphinx">Sphinx</a> (for Python
          bindings documentation)
        </p>
        <p class="usernotes">
          User Notes: <a class="ulink" href=
          "http://wiki.linuxfromscratch.org/blfs/wiki/unbound">http://wiki.linuxfromscratch.org/blfs/wiki/unbound</a>
        </p>
      </div>
      <div class="installation" lang="en" xml:lang="en">
        <h2 class="sect2">
          Installation of Unbound
        </h2>
        <p>
          There should be a dedicated user and group to take control of the
          <span class="command"><strong>unbound</strong></span> daemon after
          it is started. Issue the following commands as the <code class=
          "systemitem">root</code> user:
        </p>
        <pre class="root">
<kbd class="command">groupadd -g 88 unbound &amp;&amp;
useradd -c "Unbound DNS resolver" -d /var/lib/unbound -u 88 \
        -g unbound -s /bin/false unbound</kbd>
</pre>
        <p>
          Install <span class="application">Unbound</span> by running the
          following commands:
        </p>
        <pre class="userinput">
<kbd class="command">./configure --prefix=/usr     \
            --sysconfdir=/etc \
            --disable-static  \
            --with-pidfile=/run/unbound.pid &amp;&amp;
make</kbd>
</pre>
        <p>
          If you have <a class="xref" href="../general/doxygen.html" title=
          "Doxygen-1.8.17">Doxygen-1.8.17</a> package installed and want to
          build html documentation, run the following command:
        </p>
        <pre class="userinput">
<kbd class="command">make doc</kbd>
</pre>
        <p>
          To test the results, issue <span class="command"><strong>make
          check</strong></span>.
        </p>
        <p>
          Now, as the <code class="systemitem">root</code> user:
        </p>
        <pre class="root">
<kbd class="command">make install &amp;&amp;
mv -v /usr/sbin/unbound-host /usr/bin/</kbd>
</pre>
        <p>
          If you built the documentation, install it by running the following
          commands as the <code class="systemitem">root</code> user:
        </p>
        <pre class="root">
<kbd class=
"command">install -v -m755 -d /usr/share/doc/unbound-1.9.6 &amp;&amp;
install -v -m644 doc/html/* /usr/share/doc/unbound-1.9.6</kbd>
</pre>
      </div>
      <div class="commands" lang="en" xml:lang="en">
        <h2 class="sect2">
          Command Explanations
        </h2>
        <p>
          <em class="parameter"><code>--disable-static</code></em>: This
          switch prevents installation of static versions of the libraries.
        </p>
        <p>
          <code class="option">--with-libevent</code>: This option enables
          libevent support allowing use of large outgoing port ranges.
        </p>
        <p>
          <code class="option">--with-pyunbound</code>: This option enables
          building of the Python bindings.
        </p>
      </div>
      <div class="configuration" lang="en" xml:lang="en">
        <h2 class="sect2">
          Configuring Unbound
        </h2>
        <div class="sect3" lang="en" xml:lang="en">
          <h3 class="sect3">
            <a id="unbound-config" name="unbound-config"></a>
          </h3>
          <h4 class="title">
            <a id="unbound-config" name="unbound-config"></a>Config Files
          </h4>
          <p>
            <code class="filename">/etc/unbound/unbound.conf</code>
          </p>
        </div>
        <div class="sect3" lang="en" xml:lang="en">
          <h3 class="sect3"></h3>
          <h4 class="title">
            <a id="idm45779254113968" name=
            "idm45779254113968"></a>Configuration Information
          </h4>
          <p>
            In the default configuration, <span class=
            "command"><strong>unbound</strong></span> will bind to localhost
            (127.0.0.1 IP address) and allow recursive queries only from
            localhost clients. If you want to use <span class=
            "command"><strong>unbound</strong></span> for local DNS
            resolution, run the following command as the <code class=
            "systemitem">root</code> user:
          </p>
          <pre class="root">
<kbd class="command">echo "nameserver 127.0.0.1" &gt; /etc/resolv.conf</kbd>
</pre>
          <p>
            If you are using a DHCP client for connecting to a network,
            <code class="filename">/etc/resolv.conf</code> gets overwritten
            with values provided by DHCP server. You can override this, for
            example in <a class="xref" href="../basicnet/dhcp.html" title=
            "DHCP-4.4.2">DHCP-4.4.2</a>, by running the following command as
            the <code class="systemitem">root</code> user:
          </p>
          <pre class="root">
<kbd class=
"command">sed -i '/request /i\supersede domain-name-servers 127.0.0.1;' \
       /etc/dhcp/dhclient.conf</kbd>
</pre>
          <p>
            For advanced configuration see <code class=
            "filename">/etc/unbound/unbound.conf</code> file and the
            documentation.
          </p>
          <p>
            When <span class="application">Unbound</span> is installed, some
            package builds fail if the file <code class=
            "filename">/etc/unbound/root.key</code> is not found. This file
            is created by running the boot script (install instructions
            below). Alternatively, it can be created by running the following
            command as the <code class="systemitem">root</code> user:
          </p>
          <pre class="root">
<kbd class="command">unbound-anchor</kbd>
</pre>
        </div>
        <div class="sect3" lang="en" xml:lang="en">
          <h3 class="sect3">
            <a id="unbound-init" name="unbound-init"></a>
          </h3>
          <h4 class="title">
            <a id="unbound-init" name="unbound-init"></a><span class=
            "phrase">Boot Script</span>
          </h4>
          <p>
            If you want the <span class="application">Unbound</span> server
            to start automatically when the system is booted, install the
            <span class="phrase"><code class=
            "filename">/etc/rc.d/init.d/unbound</code> init script</span>
            included in the <a class="xref" href=
            "../introduction/bootscripts.html" title=
            "BLFS Boot Scripts">blfs-bootscripts-20191204</a> package.
          </p>
          <pre class="root">
<kbd class="command">make install-unbound</kbd>
</pre>
        </div>
      </div>
      <div class="content" lang="en" xml:lang="en">
        <h2 class="sect2">
          Contents
        </h2>
        <div class="segmentedlist">
          <div class="seglistitem">
            <div class="seg">
              <strong class="segtitle">Installed Programs:</strong>
              <span class="segbody">unbound, unbound-anchor,
              unbound-checkconf, unbound-control, unbound-control-setup, and
              unbound-host</span>
            </div>
            <div class="seg">
              <strong class="segtitle">Installed Library:</strong>
              <span class="segbody">libunbound.so and (optional)
              /usr/lib/python2.7/site-packages/_unbound.so</span>
            </div>
            <div class="seg">
              <strong class="segtitle">Installed Directories:</strong>
              <span class="segbody">/etc/unbound and
              /usr/share/doc/unbound-1.9.6 (optional)</span>
            </div>
          </div>
        </div>
        <div class="variablelist">
          <h3>
            Short Descriptions
          </h3>
          <table border="0" class="variablelist">
            <colgroup>
              <col align="left" valign="top" />
              <col />
            </colgroup>
            <tbody>
              <tr>
                <td>
                  <p>
                    <a id="unbound-prog" name="unbound-prog"></a><span class=
                    "term"><span class=
                    "command"><strong>unbound</strong></span></span>
                  </p>
                </td>
                <td>
                  <p>
                    is a DNS resolver daemon.
                  </p>
                </td>
              </tr>
              <tr>
                <td>
                  <p>
                    <a id="unbound-anchor" name=
                    "unbound-anchor"></a><span class="term"><span class=
                    "command"><strong>unbound-anchor</strong></span></span>
                  </p>
                </td>
                <td>
                  <p>
                    performs setup or update of the root trust anchor for
                    DNSSEC validation.
                  </p>
                </td>
              </tr>
              <tr>
                <td>
                  <p>
                    <a id="unbound-checkconf" name=
                    "unbound-checkconf"></a><span class="term"><span class=
                    "command"><strong>unbound-checkconf</strong></span></span>
                  </p>
                </td>
                <td>
                  <p>
                    checks <span class=
                    "command"><strong>unbound</strong></span> configuration
                    file for syntax and other errors.
                  </p>
                </td>
              </tr>
              <tr>
                <td>
                  <p>
                    <a id="unbound-control" name=
                    "unbound-control"></a><span class="term"><span class=
                    "command"><strong>unbound-control</strong></span></span>
                  </p>
                </td>
                <td>
                  <p>
                    performs remote administration on the <span class=
                    "command"><strong>unbound</strong></span> DNS resolver.
                  </p>
                </td>
              </tr>
              <tr>
                <td>
                  <p>
                    <a id="unbound-control-setup" name=
                    "unbound-control-setup"></a><span class=
                    "term"><span class=
                    "command"><strong>unbound-control-setup</strong></span></span>
                  </p>
                </td>
                <td>
                  <p>
                    generates self-signed certificate and private keys for
                    the server and client.
                  </p>
                </td>
              </tr>
              <tr>
                <td>
                  <p>
                    <a id="unbound-host" name="unbound-host"></a><span class=
                    "term"><span class=
                    "command"><strong>unbound-host</strong></span></span>
                  </p>
                </td>
                <td>
                  <p>
                    is a DNS lookup utility similar to <span class=
                    "command"><strong>host</strong></span> from <a class=
                    "xref" href="../basicnet/bind-utils.html" title=
                    "BIND Utilities-9.14.10">BIND Utilities-9.14.10</a>.
                  </p>
                </td>
              </tr>
              <tr>
                <td>
                  <p>
                    <a id="libunbound" name="libunbound"></a><span class=
                    "term"><code class="filename">libunbound.so</code></span>
                  </p>
                </td>
                <td>
                  <p>
                    provides the <span class="application">Unbound</span> API
                    functions to programs.
                  </p>
                </td>
              </tr>
            </tbody>
          </table>
        </div>
      </div>
      <p class="updated">
        Last updated on 2020-02-16 15:50:16 -0800
      </p>
    </div>
    <div class="navfooter">
      <ul>
        <li class="prev">
          <a accesskey="p" href="openldap.html" title=
          "OpenLDAP-2.4.49">Prev</a>
          <p>
            OpenLDAP-2.4.49
          </p>
        </li>
        <li class="next">
          <a accesskey="n" href="../x/x.html" title=
          "X + Window and Display Managers">Next</a>
          <p>
            X + Window and Display Managers
          </p>
        </li>
        <li class="up">
          <a accesskey="u" href="other.html" title=
          "Chapter&nbsp;23.&nbsp;Other Server Software">Up</a>
        </li>
        <li class="home">
          <a accesskey="h" href="../index.html" title=
          "Beyond Linux� From Scratch     (System V Edition) - Version 9.1">Home</a>
        </li>
      </ul>
    </div>
  </body>
</html>
